package example.service;

import com.alibaba.fastjson.JSONObject;
import example.model.EncryptReq;
import example.model.EncryptResp;
import example.util.JWTUtil;
import example.util.PGPHelper;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.io.IOUtils;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPrivateKey;
import org.bouncycastle.openpgp.PGPPublicKey;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;

@Slf4j
public class AppService {

    static public EncryptResp encrypt(EncryptReq req) throws IOException, PGPException, NoSuchAlgorithmException {


        // 获取base64
//        String requestPayloadBase64 = Base64.getEncoder().encodeToString(req.getValue().getBytes());
//        log.info("Request Payload Base64={}", requestPayloadBase64);

        // 公钥加密
        // 获取公钥
        String hsbcPublicKeyString = IOUtils.resourceToString("/pgp/hsbc_public.asc", StandardCharsets.UTF_8);
//        String hsbcPublicKeyString = IOUtils.resourceToString("/pgp/client-public.asc", StandardCharsets.UTF_8); // TODO: 此处测试
        PGPPublicKey hsbcPublicKey = PGPHelper.readPublicKey(hsbcPublicKeyString);

//        String requestPayloadEncrypted4String = PGPHelper.encrpytRequestPayload(requestPayloadBase64, hsbcPublicKey, true, true, false);
//        log.info("Request Payload Encrypted PGP=\n{}", requestPayloadEncrypted4String);


        String privateKeyString = IOUtils.resourceToString("/pgp/client-private.asc", StandardCharsets.UTF_8);

        // 获取私钥
        PGPPrivateKey privateKey = PGPHelper.readPrivateKey(privateKeyString, "");
        // 私钥签名

        // 签名数据转base64
//        String requestPayloadEncryptedBase64String = Base64.getEncoder().encodeToString(requestPayloadEncrypted4String.getBytes());
//        log.info("Request Payload Encrypted PGP Base64=\n{}", requestPayloadEncryptedBase64String);

        String requestPayloadEncryptedBase64String = PGPHelper.encryptAndSign2base64(req.getValue(), hsbcPublicKey, privateKey);


        JSONObject jsonObject = new JSONObject();
        jsonObject.put(req.getKey(), requestPayloadEncryptedBase64String);
        log.info("jsonObject={}", jsonObject.toJSONString());


        String token = JWTUtil.createToken(jsonObject.toJSONString(), privateKey, "PC000025040");

        EncryptResp encryptResp = new EncryptResp();
        encryptResp.setJwt(token);
        Map<String, String> body = new HashMap<>();
        body.put(req.getKey(), requestPayloadEncryptedBase64String);
        encryptResp.setBody(body);

        return encryptResp;
    }

    static public String decrypt(String decryptMsg) throws Exception {

        String privateKeyString = IOUtils.resourceToString("/pgp/client-private.asc", StandardCharsets.UTF_8);

        // 获取私钥
        String hsbcPublicKeyString = IOUtils.resourceToString("/pgp/hsbc_public.asc", StandardCharsets.UTF_8);
        PGPPublicKey hsbcPublicKey = PGPHelper.readPublicKey2(hsbcPublicKeyString);

//        String responseMessage = PGPHelper.decryptResponseMessage(privateKeyString, "", requestPayloadEncryptedBase64String);


        ByteArrayOutputStream recvMessage = new ByteArrayOutputStream();
        String unBase64 =  new String(Base64.getDecoder().decode(decryptMsg.getBytes()));
        PGPHelper.decryptVerifyMessage(new ByteArrayInputStream(unBase64.getBytes()), recvMessage, privateKeyString, "", hsbcPublicKey);

        // 解密base64
        return recvMessage.toString(StandardCharsets.UTF_8.name());
    }
}
